fixed strndup usage in the pgsql ext

diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c
index ded4a62c584d1653d753ee35bbcad51532922f2a..fdd58a21c428329b4bb3923ed28924316d81b31a 100644 (file)
--- a/ext/pgsql/pgsql.c
+++ b/ext/pgsql/pgsql.c
@@ -966,8 +966,30 @@ static char *_php_pgsql_escape_identifier(const char *field, size_t field_len)
        field_escaped[j] = '\0';
        return field_escaped;
 }
+/* }}} */
 #endif
 
+/* {{{ _php_pgsql_strndup, no strndup should be used */
+static char *_php_pgsql_strndup(const char *s, size_t len)
+{
+       char *new;
+
+       if (NULL == s) {
+               return (char *)NULL;
+       }
+
+       new = (char *) malloc(len + 1);
+
+       if (NULL == new) {
+               return (char *)NULL;
+       }
+
+       new[len] = '\0';
+
+       return memmove(new, s, len);
+}
+/* }}} */
+
 /* {{{ PHP_INI
  */
 PHP_INI_BEGIN()
@@ -6007,7 +6029,7 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con
                        size_t new_len, field_len = strlen(field);
 
                        if (_php_pgsql_detect_identifier_escape(field, field_len) == SUCCESS) {
-                               escaped = strndup(field, field_len);
+                               escaped = _php_pgsql_strndup(field, field_len);
                        } else {
 #if HAVE_PQESCAPELITERAL
                                escaped = PQescapeIdentifier(pg_link, field, field_len);
@@ -6101,7 +6123,7 @@ static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const c
        token = php_strtok_r(table_copy, ".", &tmp);
        len = strlen(token);
        if (_php_pgsql_detect_identifier_escape(token, len) == SUCCESS) {
-               escaped = strndup(token, len);
+               escaped = _php_pgsql_strndup(token, len);
        } else {
 #if HAVE_PQESCAPELITERAL
                escaped = PQescapeIdentifier(pg_link, token, len);
@@ -6115,7 +6137,7 @@ static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const c
                len = strlen(tmp);
                /* "schema"."table" format */
                if (_php_pgsql_detect_identifier_escape(tmp, len) == SUCCESS) {
-                       escaped = strndup(tmp, len);
+                       escaped = _php_pgsql_strndup(tmp, len);
                } else {
 #if HAVE_PQESCAPELITERAL
                        escaped = PQescapeIdentifier(pg_link, tmp, len);